<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<div th:replace="~{common/common::head}"></div>

<body>
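<!-- Lab page: "Other vulnerabilities - DoS" (width/height of a server-generated image are attacker-controlled). -->
<div class="layuimini-container">
    <div class="layuimini-main">
        <div class="layui-row layui-col-space15">
            <div class="layui-col-md12">
                <fieldset class="layui-elem-field layui-field-title">
                    <legend>
                        <!-- A real <button>, not an href-less <a>, so the DoS-vs-DDoS popup that the page script binds to ".dos" is reachable by keyboard. -->
                        <button type="button" class="dos"
                                style="color: rgb(30 159 255);background: none;border: 0;padding: 0;font: inherit;cursor: pointer">其他漏洞 - Dos攻击</button>
                    </legend>
                    <blockquote class="layui-elem-quote layui-quote-nm"
                                style="font-size: 15px;background-color: #a7deefab;box-shadow: 0 .125rem .25rem rgba(0, 0, 0, .075) !important">
                        <!-- <pre> is block-level and cannot be nested in <p>; the parser auto-closed the former <p> wrapper, leaving a stray </p>. -->
                        <pre>  DoS攻击：由单一来源发起，旨在使目标服务不可用，通常规模较小，易于防御</pre>
                        <pre>  DDoS攻击：由多个来源协同发起，产生巨量流量，导致大规模服务中断，防御难度较大</pre>
                        <pre>  本页演示的是应用层资源耗尽型DoS：不需要大流量，单个构造请求即可让服务端分配过大的内存等资源</pre>
                    </blockquote>
                </fieldset>
            </div>
            <div class="layui-col-md12" style="margin-top: 10px">
                <div class="layui-row layui-col-space15">
                    <div class="layui-col-md6">
                        <h1><span class="iconfont icon-bug">  漏洞环境：验证码参数可控</span></h1>
                        <div class="layui-tab layui-tab-brief">
                            <div class="layui-tab-content">
                                <div class="layui-tab-item layui-show">
                                    <blockquote class="layui-elem-quote main_btn">
                                        <p>图片功能点(二维码/验证码)参数宽、高可控时，造成拒绝服务</p>
                                        <!-- The anchor is styled as the button itself: a <button> inside <a> is invalid HTML (interactive content in interactive content). -->
                                        <!-- 10000x10000 pixels is on the order of 4e8 bytes if the server allocates a 32-bit raster for it — enough to exhaust the heap of a small instance. Run this only against the lab. -->
                                        <a class="layui-btn layui-btn-normal" target="_blank" rel="noopener noreferrer"
                                           href="/other/dos/vul?width=10000&height=10000"
                                           style="width: 100px; margin-left: 10px;">
                                            <span class="iconfont icon-zhihang">Run</span>
                                        </a>
                                    </blockquote>
                                </div>


                                <div class="layui-col-md12">
                                    <div class="layui-card">
                                        <div class="layui-card-header"><i class="fa fa-bullhorn icon-tip"></i>tips</div>
                                        <div class="layui-card-body layui-text layadmin-text">
                                            <pre style="color: #28333e;font-size: 15px;">  后端接收前端传来的宽度和高度参数生成二维码，但缺乏有效验证可能导致攻击者输入极大值，造成拒绝服务（DoS）攻击
  修复：服务端对 width/height 设定合理上限并做范围校验，超限请求直接拒绝，而不是信任前端传入的尺寸
  PS：测试时避免使用极大值，避免对正常业务造成影响</pre>
                                        </div>
                                    </div>
                                </div>

                            </div>
                        </div>
                    </div>

                    <div class="layui-col-md6">
                        <h1><span class="iconfont icon-code">  缺陷代码</span></h1>
                        <!-- Filled by the page script with CodeMirror, using the "vulDos" source string. -->
                        <div class="m-auto div-shadow shadow p-3 mb-5 bg-white rounded">
                            <div class="code-editor" id="vulDos">
                            </div>
                        </div>
                    </div>

                </div>
            </div>

<!-- TODO(review): the disabled ZIP-bomb lab below still carries markup and tips text copied from the upload/XSS page ("只能上传HTML类型文件哦", PDF XSS, flash); rewrite it for ZIP-bomb handling before re-enabling. -->
<!--            <div class="layui-col-md12" style="margin-top: 10px">-->
<!--                <div class="layui-row layui-col-space15">-->
<!--                    <div class="layui-col-md6">-->
<!--                        <h1><span class="iconfont icon-bug"> 漏洞环境：ZIP解压炸弹</span></h1>-->
<!--                        <div class="layui-tab layui-tab-brief">-->
<!--                            <div class="layui-tab-content">-->
<!--                                <div class="layui-tab-item layui-show">-->
<!--                                    <blockquote class="layui-elem-quote main_btn">-->
<!--                                        <button type="button" class="layui-btn" id="uploadHTMLFile">-->
<!--                                            <i class="layui-icon">&#xe67c;</i>选择文件-->
<!--                                        </button>-->
<!--                                        <div style="display: flex; align-items: center;">-->
<!--                                            <p> 只能上传HTML类型文件哦</p>-->
<!--                                        </div>-->
<!--                                        <button type="button" class="layui-btn layui-btn-normal" id="uploadHTML">-->
<!--                                            上传文件-->
<!--                                        </button>-->
<!--                                    </blockquote>-->
<!--                                </div>-->
<!--                                <div class="layui-col-md12">-->
<!--                                    <div class="layui-card">-->
<!--                                        <div class="layui-card-header"><i class="fa fa-bullhorn icon-tip"></i>tips</div>-->
<!--                                        <div class="layui-card-body layui-text layadmin-text">-->
<!--                                            <pre style="color: #28333e; font-size: 15px;">-->
<!--除了文件上传导致存储XSS，xml场景下还需要后端进行xml解析-->
<!--这里PDF型XSS实际是没有危害的，考虑到合规监管问题，还是放上去了-->
<!--PS：除此之外，还有flash等漏洞场景，后续会补充-->
<!--                                            </pre>-->
<!--                                        </div>-->
<!--                                    </div>-->
<!--                                </div>-->
<!--                                <div class="layui-col-md12">-->
<!--                                    <div class="layui-card">-->
<!--                                        <div class="layui-card-header"><i class="fa fa-warning icon-output"></i>测试结果-->
<!--                                        </div>-->
<!--                                        <div class="layui-card-body layui-text layadmin-text">-->
<!--                                            <pre id="vul1-upload-result" style="color: red; font-size: 15px;"></pre>-->
<!--                                        </div>-->
<!--                                    </div>-->
<!--                                </div>-->
<!--                            </div>-->
<!--                        </div>-->
<!--                    </div>-->

<!--                    <div class="layui-col-md6">-->
<!--                        <h1><span class="iconfont icon-code"> 缺陷代码</span></h1>-->
<!--                        <div class="m-auto div-shadow shadow p-3 mb-5 bg-white rounded">-->
<!--                            <div class="code-editor" id="vul1OtherUpload"></div>-->
<!--                        </div>-->
<!--                    </div>-->

<!--                </div>-->
<!--            </div>-->



        </div>
    </div>
</div>
<!-- The former fourth closing </div> here had no matching opener and was dropped. -->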

<div th:replace="~{common/common::script}"></div>
<script>
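    // Populate a CSRF token input, if this page has one.
    // NOTE(review): this page declares no input[name="csrfToken"]; the fetch
    // appears to be copied from the CSRF lab page. It is now guarded so the
    // request to /other/csrf/getCsrfToken is only made when there is a field
    // to fill, instead of firing on every load and writing into nothing.
    $(function () {
        var $tokenInput = $('input[name="csrfToken"]');
        if ($tokenInput.length === 0) {
            return;
        }
        $.ajax({
            url: '/other/csrf/getCsrfToken',
            type: 'GET',
            success: function (data) {
                // Response is assumed to be JSON with a "csrfToken" property — TODO confirm against the endpoint.
                $tokenInput.val(data.csrfToken);
            },
            error: function () {
                console.error('获取csrfToken失败');
            }
        });
    });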
</script>
<script type="text/javascript">
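    // Page script for the DoS lab: renders the vulnerable-code viewer and wires
    // the DoS-vs-DDoS tip/popup on the ".dos" page title.
    document.addEventListener("DOMContentLoaded", function () {

        // 'common' and 'form' stay in the module list (loading them is the point);
        // they are no longer bound to unused locals.
        layui.use(['layer', 'miniTab', 'common', 'form'], function () {
            var $ = layui.jquery,
                layer = layui.layer,
                miniTab = layui.miniTab;
            miniTab.listen();
            // Toast must match this page; it previously read "跨站请求伪造" (CSRF),
            // copied from another lab page.
            layer.msg("其他漏洞-Dos攻击");

            // CodeMirror options for the vulnerable-code panel. (The unused
            // "safe code" config was removed — this page has no such panel.)
            var cmConfig = {
                lineNumbers: true,
                lineWrapping: false,
                indentUnit: 4,
                indentWithTabs: true,
                theme: 'juejin',
                styleActiveLine: {nonEmpty: true},
                fontSize: "18px",
                mode: "text/x-java"
            };

            // 'vulDos' is a global this page does not declare — presumably
            // provided by the shared script fragment (common::script); verify.
            CodeMirror(document.getElementById("vulDos"), Object.assign({}, cmConfig, {
                value: vulDos
            }));

            // mouseenter only: jQuery .hover(fn) with a single handler also fires
            // on mouseleave, which re-opened the tip as the pointer left the title.
            $('.dos').on('mouseenter', function () {
                $(this).css('cursor', 'pointer');
                layer.tips('Dos与DDos区别', this, {
                    tips: [1, '#0051ff'],
                    time: 2000
                });
            });

            // Clicking the title opens the static DoS/DDoS comparison image in a modal.
            $('.dos').on('click', function () {
                layer.open({
                    type: 1,
                    title: false,
                    closeBtn: 1,
                    area: ['760px', '500px'],
                    shadeClose: true,
                    content: '<div style="text-align: center;"><img src="/static/images/vul/dos/dos.jpeg" alt="Dos与DDos区别" style="width: 100%; height: 100%;"></div>'
                });
            });

        });
    });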

</script>

</body>
</html>
